BYOD Passwords Hacking Cloud Compliance Reviews Privacy

Current Filter: Security>>>>>>

PREVIOUS

   Current Article ID:4072

NEXT



Celestix Networks HOTPin v3.7

Editorial Type: Review     Date: 05-2014    Views: 2234   







The exponential growth of mobile workforces is making businesses rethink their security strategy for remote access, as simple usernames and passwords are not enough

Two-factor authentication (2FA) is the preferred method, as it provides much stronger security, but many solutions are proving to be complex and costly.

Celestix's HOTPin is highly cost effective, as it's a tokenless 2FA solution. Instead of requiring users to carry expensive and easily lost hardware tokens, such as key fobs, it uses a soft token client installed on their PC or mobile smart device.

The Celestix client contains a seed that generates a one-time password (OTP) and supports a wide range of delivery form factors, including SMS, email, QR code and hardware token. Celestix also provides soft tokens for all popular mobile platforms, including iOS for iPhone and iPad, Android, Blackberry and Windows Phone.

HOTPin v3.7 introduces a number of new features, while the inclusion of an embedded RADIUS server allows it to run in standalone mode. It can synchronise user accounts with Active Directory and provides a graphical dashboard of all login activities. It also supports the use of QR codes both at time of login and for the provisioning of keys to mobile devices. An API is also available to allow enterprises to integrate two-factor authentication into its existing web applications

HOTPin standalone requires Windows Server 2008 R2 and we had no problems installing it on one of our test servers. Local and remote management are supported and, in either case, you get to meet Celestix's slick Comet web interface, which provides easy access to all HOTPin functions.

A self-provisioning web site streamlines management, as it allows users to create and edit accounts, import token key configurations, and download the client software. Administrators can decide whether to enable the site and also determine which functions may be accessed.

For unmanaged devices without the client software loaded, you can enable custom providers to send users their next valid token. HOTPin supports four token providers for email, HTTP, Instant Messenger and SMS via web gateway or locally attached GSM/GPRS modem.

Global settings define how many authentication failures are permitted before account lockout and for how long tokens sent by custom providers will remain valid. Passphrases can be requested whenever a user loads the client software and you can ask users to enter a new PIN on first contact with the user portal.

Along with the provisioning web site, you can also add user accounts manually or import them from a file or Active Directory. We opted for the latter, where the Comet console listed all users on our AD domain controller, and allowed us to pick and choose which ones to import.

Apart from the embedded RADIUS server, HOTPin supports Microsoft's Network Policy Server. It also snaps in with other RADIUS solutions, and Celestix provides guides for integrating with security appliances from Cisco, Check Point, Juniper, Fortinet and many more.

The client software is very simple to use, as all you do is load it, enter the unique passphrase if required, and ask it to generate a new OTP, which is entered in the application login portal. When the new code is displayed, a bar below shows for how long it will remain valid.

The new dashboard provides plenty of details on passed and failed authentications over selected time periods, and you can search for specific users. Extensive reporting tools are also provided and audit trails are maintained for regulatory compliance.

Celestix's HOTPin solves many of the problems associated with two-factor authentication, as it's simple to deploy and easy to manage and provision. The use of soft tokens reduces acquisition costs significantly, making HOTPin very good value for a wide range of businesses. CS

Product: HOTPin v3.7
Supplier: Celestix Networks
Telephone: +44 (0) 118 9596198
Web site: www.celestix.com
Price: £ 13 per user, reducing with volume

Like this article? Click here to get the Newsletter and Magazine Free!

Email The Editor!         OR         Forward ArticleGo Top


PREVIOUS

                    


NEXT